| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YHhu8PvSOkwkUqW7@zeniv-ca.linux.org.uk>
Date: Thu, 15 Apr 2021 16:50:56 +0000
From: Al Viro <viro@...iv.linux.org.uk>
To: Gautham Ananthakrishna <gautham.ananthakrishna@...cle.com>
Cc: linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
linux-mm@...ck.org, matthew.wilcox@...cle.com,
khlebnikov@...dex-team.ru
Subject: Re: [PATCH RFC 1/6] dcache: sweep cached negative dentries to the
end of list of siblings
On Wed, Apr 14, 2021 at 03:00:48AM +0000, Al Viro wrote:
> Ugh... So when dput() drives the refcount down to 0 you hit lock_parent()
> and only then bother to check if the sucker had been negative in the first
^^^^^^^^^^^^^^^^^
had zero refcount, of course.
> place?
> > @@ -1970,6 +2021,8 @@ void d_instantiate(struct dentry *entry, struct inode * inode)
> > {
> > BUG_ON(!hlist_unhashed(&entry->d_u.d_alias));
> > if (inode) {
> > + if (d_is_tail_negative(entry))
> > + recycle_negative(entry);
> > security_d_instantiate(entry, inode);
> > spin_lock(&inode->i_lock);
> > __d_instantiate(entry, inode);
>
> Wait a bloody minute. What about d_instantiate_new() right next to it?
Another fun question: where's the proof that __d_add(dentry, non_NULL_inode)
won't happen to dentry marked tail-negative? From a quick grep I see at
least one such place - on success cifs_do_create() does
d_drop(direntry);
d_add(direntry, newinode);
and it would bloody well evade what you are doing in d_instantiate().
Same seems to be true for nfs_link()...
Powered by blists - more mailing lists